The year 2020 was certainly a scramble for many businesses when the pivot to remote work seemed to happen virtually overnight.
Thankfully, this quickly enabled companies to keep their operations going, and many discovered the added benefit of more productive and happy employees working from home.
But with so many companies now embracing hybrid work environments, there’s an expanded need for reviewing any employee fraud controls that were put into place in 2020. In hindsight, organizations are realizing that these pandemic controls may have been hastily put into place, exposing some potential longer-term vulnerabilities.
In fact, according to a June 2021 report from the Association of Certified Fraud Examiners, 71 percent of entities say fraud will rise over the next 12 months, and 51 percent have uncovered more fraud since the on-set of the pandemic.
Many companies certainly are now considering switching back to pre-pandemic controls, or keeping the virtual work controls in place. As such, one thing to consider is that hybrid work can create an environment for more fraudulent behavior.
With many company managers and leaders also working in a hybrid setting, it’s more difficult to spot and manage overall fraud. On top of all of this, many companies are eager to have their operations run at pre-pandemic levels, causing a push for faster recovery efforts that could potentially overlook core internal controls.
With all of this in mind, here are some tips to consider:
Reevaluate email and overall cybersecurity: A 2020 study found that overall email attacks increased by 667 percent following the rise of COVID-19 worldwide. Create policies around email security that can counter malware attacks – where a hacker can all too easily spoof an email from a manager.
Look at all business processes: Thoroughly examine all business processes to spot potential vulnerabilities. For example, did you pivot to ACH payments rather than cutting physical checks? It is much easier to access banking passwords than to forge actual checks. Additionally, changes in the ACH information to redirect payments is less noticeable than changing payees on physical checks.
Better communications and transparency: For those companies that are continuing with remote work, schedule daily or weekly video conference calls with team members for updates on all tasks and assignments. By keeping employees fully engaged and accountable, it is easier to keep them on track overall.
Be careful who you hire: Especially relevant for the hospitality and restaurant sectors, there is a fight for talent as these industries are having a hard time finding employees. Rather than rushing a new hire, institute a wide range of background checks to avoid hiring an employee who would be more prone to committing fraud.
Address the issue head-on: If you detect fraudulent behavior, it is best to immediately address it – especially if it involves monetary theft. Calling law enforcement may feel like the first logical step. But first, you need to build your case and gather all of the relevant evidence. Consider consulting with a certified fraud examiner who can uncover all of the important evidence.
Make employees happy: The “Fraud Triangle” states that “Opportunity” “Rationalization” and “Pressure” are likely to cause employee fraud. To minimize this risk, be flexible with employees and their work styles. Some may be highly productive and happy working from home, while others need the guidance and structure of an office.
In the mad dash to return to a normal work environment, it’s all too easy to overlook internal controls that can help with countering employee fraud – especially as hybrid operations seem to be the new future of work.
By taking the right steps, it is possible to create an environment of trust and minimize any risks that can come from potentially unhappy employees.
Mike Schiller, CPA, CFE, is a supervisor of audit and accounting at Gorfine, Schiller & Gardyn.